In a joint multi-country cybersecurity advisory (CSA), governments are warning their respective critical infrastructure organizations to be vigilant against increased malicious cyber threat activity.
Usually the U.S. government’s Cybersecurity & Infrastructure Security Agency (CISA) holds enough weight on its own to be the sole authority for a given CSA. But today’s advisory was issued in conjunction with corresponding agencies in the United States, Australia, Canada, New Zealand, and the United Kingdom.
In it, the advisory warns of “evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks” and that cybercriminal groups – who have recently publicly pledged support for the Russian government – “have threatened to conduct cyber operations in retaliation for perceived cyber offensives against the Russian government or the Russian people.”
The joint cybersecurity authorities are urging organizations in industries considered part of the world’s critical infrastructure to “prepare for and mitigate potential cyber threats—including destructive malware, ransomware, DDoS attacks, and cyber espionage—by hardening their cyber defenses and performing due diligence in identifying indicators of malicious activity. Refer to the Mitigations section of this advisory for recommended hardening actions.”
The advisory points to resources that include CISA’s Shields Up Technical Guidance, which provides detail around protecting against ransomware, destructive malware, distributed denial of service, and other types of attacks.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
